REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Patrick
 
 

 

Braindumps of HP0-Y11
ProCure Security 7.31

 

Exam Questions, Answers, Braindumps (HP0-Y11)
Thanx to 4Exam.com for my help.


QUESTION: Which statement d escribing dynamic VLAN assignment for 802.1X authenticator ports on ProCurve switches is correct?
A. If a GVRP-learned VLAN is used, the RADIUS server must specify that attribute.
B. The VLAN used may be statically defined on the switch or learned through GVRP.
C. If a client fails authentication, the port is reassigned to the Secure Management VLAN.
D. If a client is authenticated, but no VLAN attribute is returned by a RADIUS server, the switch blocks the port.
Answer: B


QUESTION: Which two EAP methods support tunneling of a weaker authentication method such as MSCHAPv2?
A. TLS and SIM
B. PAP and SPAP
C. LEAP and FAST
D. PEAP and TTLS
Answer: D


QUESTION: Which statement describing the MAC Lockdown feature supported on the ProCurve Switch 5400zl series is correct?
A. A MAC address can be locked down to one or more trunks.
B. It is enforced at the network edge by configuring the feature globally on a core switch.
C. Once a port becomes locked down, the network administrator must disable and then re-enable the port to connect another device.
D. To be locked down, a device with a specified MAC address must access the network by passing through the assigned port and VLAN.
Answer: D


QUESTION: Which statement describing standard and extended ACLs on the ProCurve Switch 5400zl series is correct?
A. An extended ACL supports filtering on both source and destination TCP/UDP ports, while a standard ACL supports only source TCP/UDP ports.
B. Standard and extended ACLs can both specify TCP/UDP ports, but only an extended ACL can specify the precedence and type of service identifiers.
C. A standard ACL can specify only a filter based on a destination IP address, while an extended ACL can specify both source and destination IP addresses.
D. An extended ACL can filter traffic from a source TCP/UDP port to a destination IP address, while a standard ACL filters only traffic based on the source IP address.
Answer: D


QUESTION: How does the ProCurve Connection-rate Filtering feature operate?
A. When the aggregate flow of packets sent over a trunk or list of ports reaches a threshold, selected packets are dropped.
B. When a source IP address generates a rate of connection requests to multiple destinations that exceeds a threshold, a configured action is applied.
C. When the number of TCP SYN requests sent to any one of the switch's management interfaces exceeds a configured limit, the source port is disabled.
D. When an excessive number of source IP addresses attempt to create a Denial of Service attack on a given destination IP address, the source ports are throttled.
Answer: B


QUESTION: Which statement describing the ProCurve Connection-rate Filtering feature is correct?
A. The connection-rate filter sensitivity is configurable on a per-port basis.
B. It protects against both known and unknown threats, but requires intrusion signature updates.
C. It uses the Traffic Monitoring feature to determine whether traffic activity represents an intrusion.
D. A connection-rate ACL can be used to allow some or all inbound traffic through a port that has been throttled or blocked.
Answer: D


QUESTION: Which statements describing a static port ACL are correct? (Select two.)
A. It can be implemented as an extended ACL only.
B. Adding a port to a trunk applies the trunk's ACL configuration to the new member.
C. It is useful where clients with differing access needs are likely to use the same port.
D. Can be conditionally assigned to a port based on the connecting device's MAC address.
E. It filters any inbound IP traffic on the designated port, regardless of whether it is switched or routed.
Answer: B, E


QUESTION: Which statements describing the ProCurve SNMP Message Throttling feature are correct? (Select two.)
A. Message throttling can be enabled or disabled based on the event severity level.
B. The amount of time that repeating events are throttled depends on the severity level.
C. Messages are throttled based on having the same severity level and the duration between repeated messages.
D. It controls the rate that SNMP traps are sent to one or more trap receivers and messages are sent to the switch Event Log.
E. If a given type of event continues to occur after a configurable number of cycles, generation of subsequent messages are disabled until the administrator unblocks them.
Answer: B, D


QUESTION: Which statements describe capabilities of the ProCurve Instrumentation Monitor? (Select two.)
A. The anomaly detection engine can detect zero-day attacks.
B. Alerts can be sent to the switch Event Log or to SNMP trap receivers.
C. It supports integration with the ProCurve Manager Traffic Monitor component.
D. Predefined threshold levels can be used or specific values can be set for thresholds.
E. Ports are automatically blocked if the number of intrusions of a given category is exceeded.
F. System resource usage based on 802.1X, Web, and MAC authentication sessions can be monitored.
Answer: B, D


QUESTION: What is the purpose of defining IP-to-MAC address bindings on a ProCurve switch that has Dynamic ARP Protection enabled?
A. to specify clients connected to untrusted ports
B. to lock down the switch's IP addresses to its base MAC address
C. to identify devices that do not use DHCP, but have a static IP address assigned
D. to provide security on those ports where different clients may connect over time
E. to protect uplink ports that connect to other switches that do not support Dynamic ARP Protection
Answer: C

HP0-Y11

 

 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend